Security Round Up: What Recent Breaches you Should Know

It is the start of a new year which means new goals for most people and a fresh way of looking at things. Unfortunately, one thing that did not change with the start of the new year is the threat to your personal information and data. During the last few months some substantial new threats were released. These threats are in addition to the millions of users' data leaked via companies like Marriott and others and are of particular importance as they affect hardware items people commonly have in their home.

Security Round Up: What Recent Breaches You Should Know

Guardzilla indoor wireless security systems - GZ501W

A vulnerability in some of Guardzilla's indoor wireless security systems allow hard coded security keys to be easily cracked. This vulnerability exists primarily because the keys utilize an outdated algorithm. Once cracked, those keys can be used to access customer data uploaded to Amazon web services where Guardzilla's storage servers reside.

So what is a hard coded key and why is it generally a bad idea to have them? Hard coded keys are security keys that can be programmed into hardware devices. They allow the manufacturer to gain access to the local code and the device if there is a need. Hard coded keys are programmed into devices, sometimes using the same key for all devices or unique keys for each device. Either way, having a password account stored locally can be dangerous. For instance, when the security key can be hacked because the algorithm is out of date as is the case with Guardzilla.

Hopefully an update will be released soon to address this vulnerability. Until then, if you use the Guardzilla security system in question, it would be wise to disable the cloud-based storage functions. Instead, try backing up video to a local device and then to a different cloud-based storage backup solution that is not susceptible to the same vulnerability.

Orange & D-Link modems

A recent vulnerability was found on Orange LiveBox devices. Once exploited, the remote attacker is able to obtain the WiFi password and SSID of the modem by accessing the local config file storing this data. This may not seem like a big deal, but with certain tools the WiFi network can be traced down geographically. Once located, a hacker could get close enough to attach to the network and use the credentials to access resources on the network. This is especially dangerous for businesses who often store sensitive data.

Most of the 19,500 devices affected belong to users in France and Spain, but there are other instances of similar vulnerabilities in D-Link devices and other manufacturers have also experienced issues in the past. A vulnerability found in 8 different models of D-Link modems last year allowed complete takeover of the devices once exploited. When found, D-Link decided to patch just 2 of the 8 models as the remaining models would soon reach end-of-life meaning support would no longer be available.

Chromecast, Google Home & Smart TVs

Any device that connects directly to the internet can be also be accessed from hackers if the proper security is not in place. This includes smart TVs and other items like Chromecast devices. While this particular exploit was not technically used for malicious purposes, it reveals how easily our internet of things, or IoT, devices can often be the target of hackers.

The best defense against these vulnerabilities are:

  • Keeping all devices up to date. This is especially important for those devices that may seem unimportant, like IoT devices such as TVs, fans, etc. These devices are extremely important to update as the important part they play in maintaining security is often forgotten or overlooked. Since they are not used directly to access the internet, it is easy to forget they have the access and overlooked devices become easy targets to hackers.
  • Where possible, keep less secure items on a separate network. If your router supports it, create a secondary wireless network and add all IoT and less important devices to it. Keep only those computers and devices that need access to network resources on a separate network. Keeping secure and unsecured devices separated adds an additional level of security.

No matter how many times you change a password, or how complex the password is, you can still be vulnerable. There is absolutely nothing you can do to prevent the software on a device from leaking your credentials. This means it is imperative to separate devices where possible, to regularly update the software and firmware on those devices and to stay as informed as possible to prevent unauthorized access to your data and private information.

As always, new exploits will continue to be released, but being aware of them and doing your best to reduce your exposure is important!